{"id":"https://openalex.org/W4402811537","doi":"https://doi.org/10.1109/csr61664.2024.10679445","title":"Asset-Centric Threat Modeling for AI-Based Systems","display_name":"Asset-Centric Threat Modeling for AI-Based Systems","publication_year":2024,"publication_date":"2024-09-02","ids":{"openalex":"https://openalex.org/W4402811537","doi":"https://doi.org/10.1109/csr61664.2024.10679445"},"language":"en","primary_location":{"id":"doi:10.1109/csr61664.2024.10679445","is_oa":false,"landing_page_url":"https://doi.org/10.1109/csr61664.2024.10679445","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE International Conference on Cyber Security and Resilience (CSR)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5071602128","display_name":"Jan von der Assen","orcid":"https://orcid.org/0000-0002-0591-8887"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Jan von der Assen","raw_affiliation_strings":["University of Zürich UZH,Communication Systems Group CSG,Department of Informatics IfI,Zürich,Switzerland,CH-8050"],"affiliations":[{"raw_affiliation_string":"University of Zürich UZH,Communication Systems Group CSG,Department of Informatics IfI,Zürich,Switzerland,CH-8050","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5094134621","display_name":"Jamo Sharif","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Jamo Sharif","raw_affiliation_strings":["University of Zürich UZH,Communication Systems Group CSG,Department of Informatics IfI,Zürich,Switzerland,CH-8050"],"affiliations":[{"raw_affiliation_string":"University of Zürich UZH,Communication Systems Group CSG,Department of Informatics IfI,Zürich,Switzerland,CH-8050","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101726074","display_name":"Chao Feng","orcid":"https://orcid.org/0000-0003-0884-5457"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Chao Feng","raw_affiliation_strings":["University of Zürich UZH,Communication Systems Group CSG,Department of Informatics IfI,Zürich,Switzerland,CH-8050"],"affiliations":[{"raw_affiliation_string":"University of Zürich UZH,Communication Systems Group CSG,Department of Informatics IfI,Zürich,Switzerland,CH-8050","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053654122","display_name":"Christian Killer","orcid":"https://orcid.org/0000-0001-7943-1185"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Christian Killer","raw_affiliation_strings":["University of Zürich UZH,Communication Systems Group CSG,Department of Informatics IfI,Zürich,Switzerland,CH-8050"],"affiliations":[{"raw_affiliation_string":"University of Zürich UZH,Communication Systems Group CSG,Department of Informatics IfI,Zürich,Switzerland,CH-8050","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5070889566","display_name":"G\u00e9r\u00f4me Bovet","orcid":"https://orcid.org/0000-0002-4534-3483"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"G\u00e9r\u00f4me Bovet","raw_affiliation_strings":["Cyber-Defence Campus, armasuisse Science & Technology,Thun,Switzerland,CH-3602"],"affiliations":[{"raw_affiliation_string":"Cyber-Defence Campus, armasuisse Science & Technology,Thun,Switzerland,CH-3602","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5033030418","display_name":"Burkhard Stiller","orcid":"https://orcid.org/0000-0002-7461-7463"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Burkhard Stiller","raw_affiliation_strings":["University of Zürich UZH,Communication Systems Group CSG,Department of Informatics IfI,Zürich,Switzerland,CH-8050"],"affiliations":[{"raw_affiliation_string":"University of Zürich UZH,Communication Systems Group CSG,Department of Informatics IfI,Zürich,Switzerland,CH-8050","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5071602128"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":2.2765,"has_fulltext":false,"cited_by_count":7,"citation_normalized_percentile":{"value":0.88491891,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"437","last_page":"444"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.8152999877929688,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.8152999877929688,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.7842000126838684,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6768935918807983},{"id":"https://openalex.org/keywords/asset","display_name":"Asset (computer security)","score":0.45539847016334534},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4262828826904297}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6768935918807983},{"id":"https://openalex.org/C76178495","wikidata":"https://www.wikidata.org/wiki/Q4808784","display_name":"Asset (computer security)","level":2,"score":0.45539847016334534},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4262828826904297}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/csr61664.2024.10679445","is_oa":false,"landing_page_url":"https://doi.org/10.1109/csr61664.2024.10679445","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE International Conference on Cyber Security and Resilience (CSR)","raw_type":"proceedings-article"},{"id":"pmh:doi:10.5167/uzh-264645","is_oa":false,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4406922384","display_name":"Open MIND","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Text"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Climate action","score":0.5199999809265137,"id":"https://metadata.un.org/sdg/13"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":15,"referenced_works":["https://openalex.org/W2930249865","https://openalex.org/W2962700793","https://openalex.org/W2964043980","https://openalex.org/W3109695251","https://openalex.org/W3116308504","https://openalex.org/W3198181512","https://openalex.org/W4200470330","https://openalex.org/W4206238515","https://openalex.org/W4292002667","https://openalex.org/W4295087958","https://openalex.org/W4372341076","https://openalex.org/W4391179367","https://openalex.org/W6728757088","https://openalex.org/W6850830318","https://openalex.org/W6861709784"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W4396696052","https://openalex.org/W2382290278","https://openalex.org/W4395014643"],"abstract_inverted_index":{"Threat":[0],"modeling":[1,15],"for":[2,83],"systems":[3],"relying":[4],"on":[5,25],"Artificial":[6],"In-telligence":[7],"is":[8],"not":[9,20],"well":[10,39],"explored.":[11],"While":[12],"conventional":[13],"threat":[14,88,125,164],"methods":[16,45],"and":[17,34,57,61,69,95,106,143,161,166],"tools":[18],"do":[19,74],"address":[21],"AI-related":[22,65],"threats,":[23,67],"research":[24],"this":[26,51],"amalgamation":[27],"still":[28],"lacks":[29],"solutions":[30],"capable":[31],"of":[32,103,116,131],"guiding":[33],"automating":[35],"the":[36,44,114,117,137,156],"process,":[37],"as":[38,40],"providing":[41,59],"evidence":[42],"that":[43],"hold":[46],"up":[47],"in":[48,147],"practice.":[49],"Consequently,":[50],"paper":[52],"presents":[53,77],"ThreatFinderAI,":[54],"an":[55,107,132,148],"approach":[56,108,138],"tool":[58],"guidance":[60],"automation":[62],"to":[63,99,109,122,141],"model":[64,126],"assets,":[66],"countermeasures,":[68],"quantify":[70,110],"residual":[71],"risks.":[72],"To":[73,112],"so,":[75],"ThreatFinderAI":[76],"a":[78,87,96,124,152],"novel":[79,97],"AI-based":[80,133],"stencil":[81],"library":[82],"automated":[84],"asset":[85],"extraction,":[86],"knowledge":[89],"graph":[90],"spanning":[91],"several":[92],"community":[93],"initiatives,":[94],"method":[98],"identify":[100,142],"business":[101],"impacts":[102],"AI":[104],"threats":[105],"them.":[111],"evaluate":[113],"practicality":[115],"approach,":[118],"participants":[119],"were":[120],"tasked":[121],"recreate":[123],"developed":[127],"by":[128],"cybersecurity":[129],"experts":[130],"healthcare":[134],"platform.":[135],"Secondly,":[136],"was":[139,159],"used":[140],"discuss":[144],"strategic":[145],"risks":[146],"LLM-based":[149],"application":[150],"through":[151],"case":[153],"study.":[154],"Overall,":[155],"solution's":[157],"usability":[158],"well-perceived":[160],"effectively":[162],"supports":[163],"identification":[165],"risk":[167],"discussion.":[168]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":1}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}